CVE-2006-4175

The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations.

Published: Mar 27, 2007
Updated: Apr 13, 2023
CVE: CVE-2006-4175
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-824

Affected Software
References

Software	From	Fixed in
sun / java_system_directory_server	5.2	5.2.x
sun / one_directory_server	5.1	5.1.x
sun / one_directory_server	5.2	5.2.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491
http://secunia.com/advisories/24634
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1
http://www.osvdb.org/33524
http://www.securityfocus.com/bid/23117
http://www.securitytracker.com/id?1017814
http://www.vupen.com/english/advisories/2007/1090
https://exchange.xforce.ibmcloud.com/vulnerabilities/33189

Vulnerability Database

289,697

CVE-2006-4175