CVE-2010-0708

Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1	Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1	Patch Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/56603

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:java_system_directory_server:5.2:::::::*
	cpe:2.3:a:sun:java_system_directory_server:6.0:-:enterprise:::::*
	cpe:2.3:a:sun:java_system_directory_server:6.1:-:enterprise:::::*
	cpe:2.3:a:sun:java_system_directory_server:6.2:-:enterprise:::::*
	cpe:2.3:a:sun:java_system_directory_server:6.3:-:enterprise:::::*
	cpe:2.3:a:sun:java_system_directory_server:6.3.1:-:enterprise:::::*
	cpe:2.3:a:sun:java_system_directory_server:7.0:-:enterprise:::::*

History

No history.

Information

Published : 2010-02-25 19:30

Updated : 2024-02-28 11:41

NVD link : CVE-2010-0708

Mitre link : CVE-2010-0708

CVE.ORG link : CVE-2010-0708

JSON object : View

Products Affected

sun

java_system_directory_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-0708", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-02-25T19:30:00.593", "references": [{"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56603", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades sin especificar en (1) ns-slapd y (2) slapd.exe en Sun Directory Server Enterprise Edition v7.0, Sun Java System Directory Server v5.2, y Sun Java System Directory Server Enterprise Edition v6.0 a la v6.3.1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de una petici\u00f3n de b\u00fasqueda manipulada en el LDAP."}], "lastModified": "2017-08-17T01:32:04.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFA6F380-C826-423E-8B99-39B056BEFD2C"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6AF40DE-2C28-48BD-A93E-078EC80712F4"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75632022-B1ED-4B27-83AF-D9F1C9B1729C"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A8544AD-C036-40BD-8EF9-A0E00D1774D9"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3.1:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DCA0476-98E5-4115-BE10-56BBD0ECA4E2"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:7.0:-:enterprise:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69B638E7-EEF6-4080-BCEE-83EDA0FED964"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}