0 Replies Latest reply: Jul 16, 2013 10:35 AM by Nelson Villarreal RSS

    LDAP: Sun Directory Server Denial of Service

      Have anyone seen this?

       

      I'd like to know if there's another way to configure the Active Directory besides the usual.

       

      Here´s the description:

       

      LDAP: Sun Directory Server Denial of Service


      This signature detects attempts to exploit a known vulnerability in the Sun Directory Server. The vulnerability is caused due to improper handling of certain overly large LDAP messages. An unauthenticated remote attacker can send a maliciously crafted LDAP message to the target host, which can terminate the affected LDAP server on the target system.

      Extended Description

      Sun ONE Directory Server is prone to a remote denial-of-service vulnerability. This issue is due to the application's failure to handle malformed network traffic. This issue allows remote attackers to crash the application, denying service to legitimate users.

      Affected Products

       

      • Sun Java System Directory Server 5.2
      • Sun Java System Directory Server 5.2 2003Q4
      • Sun Java System Directory Server 5.2 2004Q2
      • Sun Java System Directory Server 5.2 2005Q1
      • Sun Java System Directory Server 5.2 2005Q4
      • Sun Java System Directory Server 5.2 Patch2
      • Sun ONE Directory Server 5.2.0
      • Sun ONE Directory Server 5.2.0 Patch 3
      • Sun ONE Directory Server 5.2.0 Patch 4

      References

       

       

      Hope someone has something.

       

      Cheers