CVE-2005-3269

Sažetak

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

Reference

http://marc.info/?l=bugtraq&m=112862037500012&w=2
http://marc.info/?l=bugtraq&m=113815459026080&w=2
http://secunia.com/advisories/17092
http://secunia.com/advisories/18590
http://securityreason.com/securityalert/367
http://securityreason.com/securityalert/51
http://securitytracker.com/id?1015014
http://securitytracker.com/id?1015536
http://securitytracker.com/id?1015537
http://securitytracker.com/id?1015538
http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1
http://www.securityfocus.com/bid/15013
http://www.securityfocus.com/bid/16345
http://www.vupen.com/english/advisories/2005/1988
https://exchange.xforce.ibmcloud.com/vulnerabilities/24311

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:33

Objavljeno

20-10-2005 - 23:02