CVE-2005-3269

EPSS 4.53%
Veröffentlicht 20.10.2005 23:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 20

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sun ≫ Java System Directory Proxy Server Version5.2 Update2003q4

Sun ≫ Java System Directory Proxy Server Version5.2 Update2004q2

Sun ≫ Java System Directory Proxy Server Version5.2 Update2005q1

Sun ≫ Java System Directory Server Version5.2

Sun ≫ Java System Directory Server Version5.2 Update2003q4

Sun ≫ Java System Directory Server Version5.2 Update2004q2

Sun ≫ Java System Directory Server Version5.2 Update2005q1

Sun ≫ One Administration Server Version5.2

Sun ≫ One Directory Server Version4.16

Sun ≫ One Directory Server Version4.16 Updatesp1

Sun ≫ One Directory Server Version5.0

Sun ≫ One Directory Server Version5.0 Updatesp1

Sun ≫ One Directory Server Version5.0_sp2

Sun ≫ One Directory Server Version5.1

Sun ≫ One Directory Server Version5.1 Editionx86

Sun ≫ One Directory Server Version5.1 Updatesp1

Sun ≫ One Directory Server Version5.1 Updatesp2

Sun ≫ One Directory Server Version5.1 Updatesp3

Sun ≫ One Directory Server Version5.1 Updatesp3 Editionx86

Sun ≫ One Directory Server Version5.1 Updatesp4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.53%	0.881

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://marc.info/?l=bugtraq&m=112862037500012&w=2

http://marc.info/?l=bugtraq&m=113815459026080&w=2

http://secunia.com/advisories/17092

Vendor Advisory

http://secunia.com/advisories/18590

Vendor Advisory

http://securityreason.com/securityalert/367

http://securityreason.com/securityalert/51

http://securitytracker.com/id?1015014

http://securitytracker.com/id?1015536

http://securitytracker.com/id?1015537

http://securitytracker.com/id?1015538