Vulnerabilities > CVE-2006-0647 - Remote Denial Of Service vulnerability in SUN Java System Directory Server 5.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Sun ONE Directory Server 5.2 Remote Denial Of Service Vulnerability. CVE-2006-0647. Dos exploits for multiple platform |
id | EDB-ID:27171 |
last seen | 2016-02-03 |
modified | 2006-02-08 |
published | 2006-02-08 |
reporter | Evgeny Legerov |
source | https://www.exploit-db.com/download/27171/ |
title | Sun ONE Directory Server 5.2 - Remote Denial of Service Vulnerability |
Nessus
NASL family | Denial of Service |
NASL id | SUNONE_LDAP_DOS.NASL |
description | The remote host appears to be running Sun ONE Directory Server, an LDAP directory from Sun. The version of Sun ONE Directory Server fails to handle certain malformed search requests. A user can leverage this issue to crash not just the LDAP server but also the entire application on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 20888 |
published | 2006-02-13 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/20888 |
title | Sun ONE Directory Server LDAP Malformed Packet DoS |
code |
|
References
- http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
- http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html
- http://secunia.com/advisories/18769
- http://securitytracker.com/id?1015604
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1
- http://www.securityfocus.com/bid/16550
- http://www.vupen.com/english/advisories/2006/0492
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24605