Sun Java System Directory Proxy Server 6.x < 6.3.1.1 Multiple Vulnerabilities.

This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.


Synopsis :

The remote directory service is affected by multiple vulnerabilities.

Description :

The remote host is running the Sun Java System Directory Proxy
Server, an LDAP application-layer protocol gateway. It is typically
provided with Sun Java System Directory Server Enterprise Edition.

The installed version of Sun Java System Directory Proxy Server is
older than 6.3.1.1 and thus affected by multiple flaws :

- Under certain conditions, simultaneous long binds are
incorrectly assigned the same back-end connection. An
attacker may exploit this vulnerability to hijack
an authenticated user's session and perform unauthorized
operations. (CVE-2009-4440)

- 'SO_KEEPALIVE' socket option is not enabled, making it
possible for a remote attacker to trigger a denial of
service condition by exhausting available connection
slots. (CVE-2009-4441)

- 'max-client-connections' configuration setting is not
correctly implemented, making it possible for a remote
attacker to trigger a denial of service condition.
(CVE-2009-4442)

- An unspecified vulnerability in 'psearch' functionality
may allow an attacker to trigger a denial of service
condition. (CVE-2009-4443)

See also :

http://download.oracle.com/sunalerts/1021100.1.html

Solution :

Upgrade to Sun Java System Directory Server Enterprise Edition version 6.3.1
and then install patch 141958-01 or later.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.0
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 43615 ()

Bugtraq ID: 37481

CVE ID: CVE-2009-4440
CVE-2009-4441
CVE-2009-4442
CVE-2009-4443