Post Sat Feb 14, 2009 12:56 am

Sun Java System Directory Server Directory Proxy Server Denial of Service

A vulnerability has been reported in Sun Java System Directory Server, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in the Sun Java System Directory Proxy Server. This can be exploited via specially crafted LDAP requests to cause the server to become unresponsive to certain requests implying a JDBC backend.

The vulnerability is reported in Sun Java System Directory Server Enterprise Edition 6.0, 6.1, 6.2, and 6.3 for Solaris 9 and 10 on SPARC and x86 platforms, Linux, Windows, HP-UX, and AIX.

Solution:
Update to Sun Java System Directory Server Enterprise Edition 6.3.1 or apply patches.
http://secunia.com/advisories/33923/