In association with heise online

29 April 2008, 11:46

Vulnerability allows unauthorized administrative access in Sun Java System Directory Server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Sun Microsystems has warned in a security advisory of a vulnerability in Java System Directory Server that could allow unprivileged users to gain administrative access to the server. The vulnerability is caused by the server incorrectly classifying a connection based on the bind-dn criteria, resulting in an incorrect policy being applied.

The problem affects Java System Directory Server 6.0, 6.1 and 6.2 on all supported platforms. The advisory claims that Version 5.2 is not affected. Sun has provided updates to Version 6.3, which resolve the issue. Administrators should apply this update as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit