Note: This is an archival copy of Security Sun Alert 201616 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001213.1. |
Category Security Release Phase Resolved 4957279 Date of Resolved Release 10-AUG-2004 Impact An issue in ASN.1 parsing may be exploited by a local or remote unprivileged user to create a Denial-Of-Service condition in the Sun Java System Directory Server (formerly Sun ONE Directory Server). Note: Sun ONE Admin Server (delivered with Sun Java System Directory Server), is also affected by this issue. This issue is also described in CERT Vulnerability VU#104280 at http://www.kb.cert.org/vuls/id/104280, which is referenced in CERT Advisory CA-2003-26 at http://www.cert.org/advisories/CA-2003-26.html. Also see the NISCC Vulnerability Advisory 006489/TLS at http://www.uniras.gov.uk/vuls/2003/006489/tls.htm. Contributing Factors This issue can occur in the following releases: Sun ONE bundled with Solaris
Sun ONE unbundled
Note: For applicable architectures and OS versions, refer to http://wwws.sun.com/software/download/inter_ecom.html. Symptoms Should the described issue occur, the Sun Java System Directory Server (application) may crash. Workaround There is no workaround for this issue. Please see the "Resolution" section. Resolution This issue is addressed in the following releases: Sun ONE bundled with Solaris
Sun ONE unbundled
Modification History References113859-03114273-03 Attachments This solution has no attachment |
|