PT-2006-4023 · Oracle+1 · Sun Java System Directory Server+2
Publicado
2006-06-21
·
Atualizado
2011-03-07
·
CVE-2006-3127
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Network Security Services (NSS) version 3.11
Sun Java Enterprise System versions 2003Q4 through 2005Q1
Java System Directory Server version 5.2
Description
A memory leak in the Network Security Services (NSS) allows remote attackers to cause a denial of service by performing a large number of RSA cryptographic operations, leading to memory consumption.
Recommendations
For Network Security Services (NSS) version 3.11, consider restricting the number of RSA cryptographic operations to minimize the risk of exploitation.
For Sun Java Enterprise System versions 2003Q4 through 2005Q1, restrict access to RSA cryptographic operations until a fix is available.
For Java System Directory Server version 5.2, limit the number of concurrent RSA cryptographic operations to prevent memory consumption.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sun Java System Directory Server
Network Security Services
Sun Java Enterprise System