CVE-2008-1995

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Directory Server
Vendor: CVE Published:; 28 April 2008

Summary

Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.vupen.com/english/advisories/2008/1374/references

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/28941

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 28, 2008
Vulnerability Reserved
Apr 28, 2008