Denial of Service Vulnerability in Sun Java System Directory Proxy Server by Sun Microsystems
CVE-2009-0609

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Directory Server
Vendor: CVE Published:; 17 February 2009

Summary

The Sun Java System Directory Proxy Server in the Sun Java System Directory Server Enterprise Edition versions 6.0 to 6.3 has a vulnerability that does not properly handle long values in ADD operations or long string attributes when using JDBC data sources. This flaw can be exploited by remote attackers sending crafted LDAP requests, potentially leading to a denial of service by causing a JDBC backend outage.

References

http://www.securityfocus.com/bid/33761

vdb-entryx_refsource_BID

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://secunia.com/advisories/33923

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 17, 2009