Denial of Service Vulnerability in Sun Java System Directory Server 5.2
CVE-2006-0647

Currently unrated

Key Information:

Vendor

Oracle
Status
Java System Directory Server
Vendor
CVE Published:
13 February 2006

What is CVE-2006-0647?

The Sun Java System Directory Server 5.2, which runs on Linux and potentially other operating systems, is susceptible to a denial of service attack. Attackers can exploit this vulnerability by sending a specially crafted LDAP packet containing a subtree search request. This triggers a memory allocation error in the server, leading to service disruptions. The exploit has been demonstrated using the ProtoVer LDAP test suite, highlighting the need for immediate attention to secure the directory service against such attacks.

References

http://secunia.com/advisories/18769
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/24605
vdb-entryx_refsource_XF
http://lists.immunitysec.com/pipermail/dailydave/2006-Feb...
mailing-listx_refsource_MLIST

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.