Denial of Service : Sun Java System DSEE Multiple Vulnerabilities (Windows)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.902011

Kategorie: Denial of Service

Titel: Sun Java System DSEE Multiple Vulnerabilities (Windows)

Zusammenfassung: This host is running Sun Java System Directory Server Enterprise; Edition (DSEE) and is prone to multiple vulnerabilities.

Beschreibung: Summary:
This host is running Sun Java System Directory Server Enterprise
Edition (DSEE) and is prone to multiple vulnerabilities.

Vulnerability Insight:
- An error in Directory Proxy Server may cause a client operation to
temporarily run with another client's privileges.

- An error in Directory Proxy Server can be exploited via specially crafted
packets to cause the service to stop responding to new client connections.

- An error in Directory Proxy Server can be exploited via a specially crafted
'psearch' client to exhaust available CPU resources, preventing the server
from sending results to other 'psearch' clients.

Vulnerability Impact:
Successful exploitation will allow attacker to gain knowledge of potentially
sensitive information or cause a Denial of Service.

Affected Software/OS:
Sun Java System DSEE version 6.0 through 6.3.1 on Windows.

Solution:
Apply patch 141958-01 or later for Sun Java System DSEE version 6.3.1.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 37481
Common Vulnerability Exposure (CVE) ID: CVE-2009-4440
http://www.securityfocus.com/bid/37481
http://www.securitytracker.com/id?1023389
http://secunia.com/advisories/37915
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1
http://www.vupen.com/english/advisories/2009/3647
Common Vulnerability Exposure (CVE) ID: CVE-2009-4441
Common Vulnerability Exposure (CVE) ID: CVE-2009-4442
Common Vulnerability Exposure (CVE) ID: CVE-2009-4443

Copyright Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.902011
Kategorie:	Denial of Service
Titel:	Sun Java System DSEE Multiple Vulnerabilities (Windows)
Zusammenfassung:	This host is running Sun Java System Directory Server Enterprise; Edition (DSEE) and is prone to multiple vulnerabilities.
Beschreibung:	Summary: This host is running Sun Java System Directory Server Enterprise Edition (DSEE) and is prone to multiple vulnerabilities. Vulnerability Insight: - An error in Directory Proxy Server may cause a client operation to temporarily run with another client's privileges. - An error in Directory Proxy Server can be exploited via specially crafted packets to cause the service to stop responding to new client connections. - An error in Directory Proxy Server can be exploited via a specially crafted 'psearch' client to exhaust available CPU resources, preventing the server from sending results to other 'psearch' clients. Vulnerability Impact: Successful exploitation will allow attacker to gain knowledge of potentially sensitive information or cause a Denial of Service. Affected Software/OS: Sun Java System DSEE version 6.0 through 6.3.1 on Windows. Solution: Apply patch 141958-01 or later for Sun Java System DSEE version 6.3.1. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 37481 Common Vulnerability Exposure (CVE) ID: CVE-2009-4440 http://www.securityfocus.com/bid/37481 http://www.securitytracker.com/id?1023389 http://secunia.com/advisories/37915 http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1 http://www.vupen.com/english/advisories/2009/3647 Common Vulnerability Exposure (CVE) ID: CVE-2009-4441 Common Vulnerability Exposure (CVE) ID: CVE-2009-4442 Common Vulnerability Exposure (CVE) ID: CVE-2009-4443
Copyright	Copyright (C) 2010 Greenbone Networks GmbH