CVE-2009-0609
https://notcve.org/view.php?id=CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests. Sun Java System Directory Proxy Server en Sun Java System Directory Server Enterprise Edition v6.0 hasta v6.3, cuando una fuente de datos JDBC es utilizado, no se maneja adecuadamente (1) un valor largo en un ADD o (2) atributos de cadena largos, lo que permite a atacantes remotos provocar una denegación de servicio (JDBC backend outage) a través de peticiones manipulada LDAP. • http://secunia.com/advisories/33923 http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1 http://www.securityfocus.com/bid/33761 • CWE-20: Improper Input Validation •
CVE-2008-1995
https://notcve.org/view.php?id=CVE-2008-1995
Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server. Sun Java System Directory Proxy Server 6.0, 6.1, y 6.2 clasifica una conexión utilizando el criterio "bind-dn", lo cual puede provocar una aplicación incorrecta de políticas y permitir a atacantes remotos evitar restricciones de acceso previstas por el servidor. • http://secunia.com/advisories/29978 http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1 http://www.securityfocus.com/bid/28941 http://www.securitytracker.com/id?1019925 http://www.vupen.com/english/advisories/2008/1374/references • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-3224
https://notcve.org/view.php?id=CVE-2007-3224
Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors. Vulnerabilidad no especificada en Sun ONE/Java System Directory Server (slapd) 6.0, y 5.x anterior a 5.2 Parche 5, permite a atacantes remotos en determinar la existencia de atributos de una entrada a través de vectores no especificados. • http://osvdb.org/37247 http://secunia.com/advisories/25666 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1 http://www.securityfocus.com/bid/24467 http://www.securitytracker.com/id?1018254 http://www.vupen.com/english/advisories/2007/2189 https://exchange.xforce.ibmcloud.com/vulnerabilities/34858 •
CVE-2007-3225
https://notcve.org/view.php?id=CVE-2007-3225
Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors. Vulnerabilidad no especificada en Sun Java System Directory Server (slapd) 6.0, y 5.2 with Patch 3 o 4, permite a atacantes remotos modificar ciertos datos a través de vectores desconocidos. • http://osvdb.org/37246 http://secunia.com/advisories/25666 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1 http://www.securityfocus.com/bid/24468 http://www.securitytracker.com/id?1018255 http://www.vupen.com/english/advisories/2007/2189 https://exchange.xforce.ibmcloud.com/vulnerabilities/34859 •
CVE-2004-0826
https://notcve.org/view.php?id=CVE-2004-0826
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 http://www.securityfocus.com/bid/11015 http://xforce.iss.net/xforce/alerts/id/180 https://exchange.xforce.ibmcloud.com/vulnerabilities/16314 •