LDAP: Sun LDAP Format String in Request
This signature detects malicious format strings in requested LDAP names. Multiple servers are affected by this vulnerability, including Sun LDAP. A successful exploit can cause a denial-of-service condition or, in some cases, arbitrary remote code execution.
Extended Description
Sun ONE Directory Server is prone to a remote denial-of-service vulnerability. This issue is due to the application's failure to handle malformed network traffic. This issue allows remote attackers to crash the application, denying service to legitimate users.
Affected Products
Sun java_system_directory_server
Short Name
LDAP:SUN-REQ-FS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
LDAP
Keywords
CVE-2006-0647 Format LDAP Request String Sun bid:16550 in
Release Date
05/03/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Sun
CVSS Score
5.0