
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
LDAP: Sun Directory Server Denial of Service
Have anyone seen this?
I'd like to know if there's another way to configure the Active Directory besides the usual.
Here´s the description:
LDAP: Sun Directory Server Denial of Service
This signature detects attempts to exploit a known vulnerability in the Sun Directory Server. The vulnerability is caused due to improper handling of certain overly large LDAP messages. An unauthenticated remote attacker can send a maliciously crafted LDAP message to the target host, which can terminate the affected LDAP server on the target system.
Extended Description
Sun ONE Directory Server is prone to a remote denial-of-service vulnerability. This issue is due to the application's failure to handle malformed network traffic. This issue allows remote attackers to crash the application, denying service to legitimate users.
Affected Products
- Sun Java System Directory Server 5.2
- Sun Java System Directory Server 5.2 2003Q4
- Sun Java System Directory Server 5.2 2004Q2
- Sun Java System Directory Server 5.2 2005Q1
- Sun Java System Directory Server 5.2 2005Q4
- Sun Java System Directory Server 5.2 Patch2
- Sun ONE Directory Server 5.2.0
- Sun ONE Directory Server 5.2.0 Patch 3
- Sun ONE Directory Server 5.2.0 Patch 4
References
- BugTraq: 16550
- CVE: CVE-2006-0647
- URL: http://www.frsirt.com/english/advisories/2006/0492
- URL: http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html
Hope someone has something.
Cheers
