Format String Vulnerability in iPlanet Directory Server by Sun Microsystems
CVE-2001-1308

Currently unrated

Key Information:

Vendor: Oracle
Status: Iplanet Directory Server
Vendor: CVE Published:; 16 July 2001

What is CVE-2001-1308?

The iPlanet Directory Server versions 4.1.4 and earlier are susceptible to a format string vulnerability, which exposes the system to potential remote attacks. This vulnerability allows attackers to exploit the directory service, leading to a denial of service through a crash, and may enable them to execute arbitrary code. The risks are highlighted by tests from the PROTOS LDAPv3 suite, demonstrating the severity of this issue.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6898

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/3039

vdb-entryx_refsource_BID

http://www.cert.org/advisories/CA-2001-18.html

third-party-advisoryx_refsource_CERT

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Jul 16, 2001

Oracle

What is CVE-2001-1308?

References

EPSS Score

Timeline