Vulnerability in Sun Virtual Desktop Infrastructure Allows Unauthorized Data Access
CVE-2009-2856

Currently unrated

Key Information:

Vendor

Oracle
Status
Virtual Desktop Infrastructure
Vendor
CVE Published:
18 August 2009

What is CVE-2009-2856?

The Sun Virtual Desktop Infrastructure (VDI) 3.0 suffers from an improper input handling vulnerability when anonymous binding is enabled. This flaw allows remote attackers to intercept and read VDI configuration data requests in cleartext by sniffing LDAP sessions on the network. It poses a significant risk as attackers can exploit this to obtain sensitive configuration information, potentially leading to further exploitation within the affected environment.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2009/2282
vdb-entryx_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT
http://secunia.com/advisories/36330
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.