Vulnerabilities > CVE-2007-2466 - Denial Of Service vulnerability in SUN Java System Directory Server and ONE Directory Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
Nessus
NASL family | Gain a shell remotely |
NASL id | SUN_DIRECTORY_SERVER_MULTIPLE.NASL |
description | The remote host is running the Sun Java System Directory Server, an LDAP server from Sun Microsystems. The remote version of this service is affected by multiple vulnerabilities. Versions 6.0 and prior to 5.2 Patch 5 are affected by : - list attributes information disclosure - Unauthorized Access (restricted to super users). Versions prior to 5.2 Patch 5 are affected by : - Denial of service due to the BER decoding handler - Memory corruption in the failed request handler. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25705 |
published | 2007-07-12 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25705 |
title | Sun Java System Directory Server Multiple Vulnerabilities |
code |
|
References
- http://osvdb.org/35743
- http://secunia.com/advisories/25091
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1
- http://www.securityfocus.com/bid/23743
- http://www.securitytracker.com/id?1017991
- http://www.vupen.com/english/advisories/2007/1610
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34002