CVE-2007-2466
https://notcve.org/view.php?id=CVE-2007-2466
Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings. Vulnerabilidad no especificada en LDAP Software Development Kit (SDK) para C, como el usado en Sun Java System Directory Server 5.2 hasta el Patch 4 y Sun ONE Directory Server 5.1, permite a atacantes remotos provocar una denegación de servicio (caída) mediante ciertas codificaciones BER. • http://osvdb.org/35743 http://secunia.com/advisories/25091 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1 http://www.securityfocus.com/bid/23743 http://www.securitytracker.com/id?1017991 http://www.vupen.com/english/advisories/2007/1610 https://exchange.xforce.ibmcloud.com/vulnerabilities/34002 •
CVE-2006-4175
https://notcve.org/view.php?id=CVE-2006-4175
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations. El servidor LDAP (ns-slapd) de Sun Java System Directory Server 5.2 Patch4 y anteriores y ONE Directory Server 5.1 y 5.2 permite a atacantes remotos provocar una denegación de servicio (caída) mediante peticiones mal formadas, probablemente peticiones BER mal formadas, las cuales disparan una liberación de posiciones de memoria sin inicializar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491 http://secunia.com/advisories/24634 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1 http://www.osvdb.org/33524 http://www.securityfocus.com/bid/23117 http://www.securitytracker.com/id?1017814 http://www.vupen.com/english/advisories/2007/1090 https://exchange.xforce.ibmcloud.com/vulnerabilities/33189 • CWE-824: Access of Uninitialized Pointer •
CVE-2006-3127
https://notcve.org/view.php?id=CVE-2006-3127
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. Fallo de memoria en la Red de Servicios de Seguridad (NSS) 3.11, tal como se utiliza en Sun Java Enterprise System 2003Q4 2005Q1 y por medio de Java System Directory Server 5.2, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) mediante la realización de un gran número de operaciones de cifrado RSA . • http://secunia.com/advisories/25048 http://securitytracker.com/id?1016294 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1 http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html http://www.securityfocus.com/bid/18604 http://www.securityfocus.com/bid/20846 http://www.vupen.com/english/advisories/2007/1573 • CWE-399: Resource Management Errors •
CVE-2006-2513
https://notcve.org/view.php?id=CVE-2006-2513
Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges. • http://secunia.com/advisories/20144 http://securitytracker.com/id?1016112 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1 http://www.securityfocus.com/bid/18018 http://www.vupen.com/english/advisories/2006/1832 https://exchange.xforce.ibmcloud.com/vulnerabilities/26477 •
CVE-2006-0647 – Sun ONE Directory Server 5.2 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-0647
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite. • https://www.exploit-db.com/exploits/27171 http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html http://secunia.com/advisories/18769 http://securitytracker.com/id?1015604 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1 http://www.securityfocus.com/bid/16550 http://www.vupen.com/english/advisories/2006/0492 https://exchange.xforce.ibmcloud.com/vulnerabilities/24605 •