CVE-2009-0609
Sun Java System Directory Server Enterprise Edition <6.3 - DoS
Title source: llmDescription
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/33761
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33923
Patch, Vendor Advisory x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1
Scores
EPSS
0.0074
EPSS Percentile
73.2%
Details
CWE
CWE-20
Status
published
Products (4)
sun/java_system_directory_server
6.0 enterprise
sun/java_system_directory_server
6.1 enterprise
sun/java_system_directory_server
6.2 enterprise
sun/java_system_directory_server
6.3 enterprise
Published
Feb 17, 2009
Tracked Since
Feb 18, 2026