Note: This is an archival copy of Security Sun Alert 270789 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1021100.1.
Article ID : 1021100.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-01-19
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data

Category
Security

Release Phase
Resolved

Bug Id
6828462, 6823593, 6782659, 6855978, 6648665

Product
Sun Java System Directory Server Enterprise Edition 6.0
Sun Java System Directory Server Enterprise Edition 6.1
Sun Java System Directory Server Enterprise Edition 6.2
Sun Java System Directory Server Enterprise Edition 6.3

Date of Resolved Release
23-Dec-2009

Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data

1. Impact

Multiple security vulnerabilities in the Directory Proxy Server provided with Directory Server Enterprise Edition 6.x may allow a remote unprivileged user to do the following:

- cause a client operation to run temporarily with another client's privileges under certain circumstances
- cause the server to stop responding to new client connections, using specially forged packets
- prevent the server from sending results to other 'psearch' clients using a specially designed 'psearch' client"

2. Contributing Factors

These issues can occur in the following releases (for Solaris 9 and 10 on SPARC and x86 platforms, for Linux, and Windows):

PatchZIP (Compressed Archive) and Native package versions:
  • Sun Java System Directory Server Enterprise Edition 6.0
  • Sun Java System Directory Server Enterprise Edition 6.1
  • Sun Java System Directory Server Enterprise Edition 6.2
  • Sun Java System Directory Server Enterprise Edition 6.3
  • Sun Java System Directory Server Enterprise Edition 6.3.1 without patch 141958-01
Note: Sun Java System Directory Server 5.2 is not affected by this issue.

To determine if the Directory Proxy Server part of Directory Server Enterprise Edition running on a system is affected, the following command can be used:
$ dpadm -V
If the output contains the version string 6.0, 6.1, 6.2, 6.3 or 6.3.1, the system is affected by this issue.

 3. Symptoms

If the server is affected by these vulnerabilities, the following symptoms can be seen:

- A client operation running temporarily with another client's privileges may fail if temporary privileges are not suitable.
- The server doesn't answer to new client connections until restarted and messages are logged in the error log.
- The server consumes 100% of a given Core/CPU and psearch clients do not receive updates.

4. Workaround

There is no workaround for these issues. Please see the Resolution section below.

5. Resolution

These issues are addressed in the following release (for Solaris 9 and 10 on SPARC and x86 platforms, for Linux, and Windows):
  • Sun Java System Directory Server Enterprise Edition 6.3.1 with patch 141958-01 or later
Systems with Sun Java System Directory Server Enterprise Edition versions before 6.3.1 are recommended to upgrade to 6.3.1 and then install the resolution patch listed above.

The upgrade procedure is described in "Sun Java System Directory Server Enterprise Edition 6.3.1 Release Notes" in Chapter 2 at:
For more information on Security Sun Alerts, see 1009886.1.

This Sun Alert notification is being provided to you on an "AS IS" basis. This Sun Alert notification may contain information provided by third parties. The issues described in this Sun Alert notification may or may not impact your system(s). Sun makes no representations, warranties, or guarantees as to the information contained herein. ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification contains Sun proprietary and confidential information. It is being provided to you pursuant to the provisions of your agreement to purchase services from Sun, or, if you do not have such an agreement, the Sun.com Terms of Use. This Sun Alert notification may only be used for the purposes contemplated by these agreements.

Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.

References

141958-01





Attachments
This solution has no attachment