Check Point Advisories

Update Protection against Sun Directory Server LDAP Denial of Service

Check Point Reference: CPAI-2006-323
Date Published: 31 Dec 2006
Severity: Critical
Last Updated: 31 Dec 2010
Industry Reference: CVE-2006-0647
Protection Provided by:
Who is Vulnerable?
Sun Microsystems Java System Directory Server 5.2 SP4 and earlier
Sun Microsystems Solaris 9
Vulnerability Description
A vulnerability exists in the Sun Directory Server. The flaw is caused by improper handling of certain overly large LDAP messages. An unauthenticated remote attacker may exploit it by sending a crafted LDAP message to the target host, which may terminate the affected LDAP server on the target system.
As a result of an attack, the target server process terminates. Consequently, all established connections are disconnected, and further connections are not possible until the server is manually restarted.
Vulnerability Details
Sun Directory Server is a distributed directory server based on the Lightweight Directory Access Protocol (LDAP). The server listens for LDAP requests on a port specified during installation. The default port assigned to the server during installation is randomly selected.
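The following is an added example, not code from Check Point or Sun: a generic pre-parse check that a proxy or LDAP front end can apply to bound the declared size of an incoming LDAP message before any buffer is allocated for it. The 1 MiB limit, the function names and the sample byte strings are assumptions made for illustration; the advisory does not state what the protection inspects or which message sizes are affected.

```python
# Added example: bound the declared size of an LDAP PDU before parsing it.
MAX_LDAP_PDU = 1 << 20  # assumed policy limit (1 MiB); not from the advisory

class LdapFramingError(ValueError):
    """Outer BER header is not a valid LDAPMessage header."""

def declared_pdu_size(buf: bytes):
    """Return the total PDU size (header + body) declared by the outer
    LDAPMessage SEQUENCE, or None if more header bytes are needed."""
    if len(buf) < 2:
        return None
    if buf[0] != 0x30:  # LDAPMessage is a universal, constructed SEQUENCE
        raise LdapFramingError("not an LDAPMessage SEQUENCE")
    first = buf[1]
    if first < 0x80:  # short form: the length fits in this one byte
        return 2 + first
    n = first & 0x7F  # long form: n length bytes follow
    if n == 0:
        raise LdapFramingError("indefinite length is not allowed in LDAP")
    if n > 4:
        raise LdapFramingError("length field wider than 4 bytes")
    if len(buf) < 2 + n:
        return None
    return 2 + n + int.from_bytes(buf[2:2 + n], "big")

def check_pdu(buf: bytes, limit: int = MAX_LDAP_PDU) -> str:
    """Decide from the header alone, before buffering the message body."""
    try:
        size = declared_pdu_size(buf)
    except LdapFramingError as exc:
        return f"reject: {exc}"
    if size is None:
        return "need-more-data"
    if size > limit:
        return f"reject: declared size {size} exceeds limit {limit}"
    return "accept"

# Constructed sample headers (hex), for illustration only.
SAMPLES = {
    "small unbind request": "30050201014200",
    "header declaring ~2 GiB": "30847fffffff",
    "truncated long-form header": "308400",
    "indefinite length": "3080",
}

if __name__ == "__main__":
    for name, hexstr in SAMPLES.items():
        print(f"{name}: {check_pdu(bytes.fromhex(hexstr))}")
```

Because the decision is made on the header alone, an over-limit message can be dropped and the connection closed without reading or storing its body.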

Protection Overview