Buffer overflow in Sun Java_system_directory_proxy_server

CVE-2005-3269

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Direc…

Vulnerability class: Buffer Overflow

EPSS: 0.031 (86.3th percentile) — read the EPSS interpretation.

Affected products

Sun Java_system_directory_proxy_server — versions 5.2
Sun Java_system_directory_server — versions 5.2
Sun One_administration_server — versions 5.2
Sun One_directory_server — versions 4.16, 5.0, 5.0_sp2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (mailing-list, x_refsource_BUGTRAQ)
secalert@redhat.com (vdb-entry, x_refsource_BID)
secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secalert@redhat.com (x_refsource_SREASON, third-party-advisory)
secalert@redhat.com (vdb-entry, x_refsource_BID)
secalert@redhat.com (vendor-advisory, x_refsource_SUNALERT)
secalert@redhat.com (x_refsource_SREASON, third-party-advisory)
secalert@redhat.com (vdb-entry, x_refsource_XF)