In association with heise online

27 October 2008, 14:15

Sun patches Java System LDAP JDK

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Sun Microsystems has reported a security problem with its Java System LDAP Java Development Kit. The problem allows local unprivileged users to gain to access unauthorised information when using applications built with the LDAP JDK. The problem is caused by a flaw in the search feature of the LDAP JDK.

According to the vendor, the hole can be exploited in LDAP JDK 4.19 for Sun Java System Access Manager 7 2005Q4, 7.1 and 6 2005Q1 (each for Solaris 8,9 and 10 as well as Red Hat Enterprise Linux 2.1). The problem also affects LDAP JDK 4.19 for HP-UX and Windows. Patches for the respective platforms resolve the vulnerability.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit