Access Control Vulnerability in Sun Java System Directory Proxy Server by Sun Microsystems
CVE-2008-1995

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Directory Server
Vendor: CVE Published:; 28 April 2008

What is CVE-2008-1995?

The Sun Java System Directory Proxy Server versions 6.0, 6.1, and 6.2 contains a vulnerability that allows an attacker to exploit the 'bind-dn' criteria to circumvent intended access policies. This leads to unauthorized access and manipulation of server resources, enabling malicious actors to perform actions that could compromise the integrity and confidentiality of the server's data.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.vupen.com/english/advisories/2008/1374/references

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/28941

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 28, 2008
Vulnerability Reserved
Apr 28, 2008

Oracle

What is CVE-2008-1995?

References

Timeline