Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.

Synopsis :

The remote LDAP server is affected by a denial of service vulnerability.

Description :

The remote host is running the Sun Java System Directory Server, an
LDAP server from Sun Microsystems.

The installed version is older than 6.3.1, and the proxy server
included with such versions is reportedly affected by a denial of
service vulnerability. By sending a specially crafted request to the
JDBC backend through the proxy server, an unauthenticated, remote
attacker may be able to trigger a denial of service condition.

See also :

Solution :

Upgrade to Sun Java System Directory Server version 6.3.1.

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false

Family: Denial of Service

Nessus Plugin ID: 35688 ()

Bugtraq ID: 33761

CVE ID: CVE-2009-0609

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial