CVE-2005-3269

SUN Java System Directory Proxy Server - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

References (17)

[Mailing List] http://marc.info/?l=bugtraq&m=112862037500012&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=113815459026080&w=2

[Vendor Advisory] http://secunia.com/advisories/17092

[Vendor Advisory] http://secunia.com/advisories/18590

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015014

[Patch] http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1

[Vendor Advisory] http://www.vupen.com/english/advisories/2005/1988

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/24311

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1

[Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15013

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/16345

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015536

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015537

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015538

[Third Party Advisory] http://securityreason.com/securityalert/367

[Third Party Advisory] http://securityreason.com/securityalert/51

Scores

EPSS 0.0453

EPSS Percentile 89.0%

Classification

CWE

CWE-119

Status draft

Affected Products (20)

sun/java_system_directory_proxy_server

sun/java_system_directory_proxy_server

sun/java_system_directory_proxy_server

sun/java_system_directory_server

sun/java_system_directory_server

sun/java_system_directory_server

sun/java_system_directory_server

sun/one_administration_server

sun/one_directory_server

sun/one_directory_server

sun/one_directory_server

sun/one_directory_server

sun/one_directory_server

sun/one_directory_server

sun/one_directory_server

... and 5 more

Timeline

Published Oct 20, 2005

Tracked Since Feb 18, 2026