Signature Detail
Short Name |
LDAP:SUN-DIR-OF |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
LDAP |
Keywords |
Sun Directory Server Denial of Service |
Release Date |
2006/02/24 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
LDAP: Sun Directory Server Denial of Service
This signature detects attempts to exploit a known vulnerability in the Sun Directory Server. The vulnerability is caused due to improper handling of certain overly large LDAP messages. An unauthenticated remote attacker can send a maliciously crafted LDAP message to the target host, which can terminate the affected LDAP server on the target system.
Extended Description
Sun ONE Directory Server is prone to a remote denial-of-service vulnerability. This issue is due to the application's failure to handle malformed network traffic. This issue allows remote attackers to crash the application, denying service to legitimate users.
Affected Products
- Sun Java System Directory Server 5.2
- Sun Java System Directory Server 5.2 2003Q4
- Sun Java System Directory Server 5.2 2004Q2
- Sun Java System Directory Server 5.2 2005Q1
- Sun Java System Directory Server 5.2 2005Q4
- Sun Java System Directory Server 5.2 Patch2
- Sun ONE Directory Server 5.2.0
- Sun ONE Directory Server 5.2.0 Patch 3
- Sun ONE Directory Server 5.2.0 Patch 4
References