CVE-2005-3269

Sun Java System Directory Server 5.2 2003Q4-2005Q1 - Stack-based Buffer Overflow in help.cgi

Title source: llm

Description

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

References (17)

Core 17

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015538

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=112862037500012&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15013

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015536

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/18590

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/367

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/16345

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/51

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/24311

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17092

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015014

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2005/1988

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=113815459026080&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015537

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1

Patch x_refsource_confirm

http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1

Scores

EPSS 0.0453

EPSS Percentile 89.3%

Details

CWE

CWE-119

Status published

Products (7)

sun/java_system_directory_proxy_server 5.2 2003q4 (3 CPE variants)

sun/java_system_directory_server 5.2 (4 CPE variants)

sun/one_administration_server 5.2

sun/one_directory_server 4.16 (2 CPE variants)

sun/one_directory_server 5.0 (2 CPE variants)

sun/one_directory_server 5.0_sp2

sun/one_directory_server 5.1 (7 CPE variants)

Published Oct 20, 2005

Tracked Since Feb 18, 2026