CVE-2009-4443

Name of the Vulnerable Software and Affected Versions Sun Java System Directory Server Enterprise Edition versions 6.0 through 6.3.1

Description The issue is related to an unspecified vulnerability in the psearch functionality of Directory Proxy Server in Sun Java System Directory Server Enterprise Edition. This vulnerability allows remote attackers to cause a denial of service by sending crafted requests that trigger a psearch thread loop.

Recommendations For versions 6.0 through 6.3.1, consider disabling the psearch functionality as a temporary workaround until a patch is available. Restrict access to the psearch client to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.