Sun directory server memory corruption - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Sun directory server memory corruption
Published: 24.03.2007
Source: BUGTRAQ
SecurityVulns ID: 7462
Type: remote
Level: 6/10
Description: free() function is called for non-innitialized pointer.

Affected: SUN : Sun Java System Directory Server 5.2
CVE: CVE-2006-4175 (The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations.)

Original document IDEFENSE, iDefense Security Advisory 03.23.07: Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability (24.03.2007)

Discuss: Read or add your comments to this news (0 comments)

test server