CVE-2010-0708

Name of the Vulnerable Software and Affected Versions Sun Directory Server Enterprise Edition versions 6.0 through 6.3.1 Sun Java System Directory Server version 5.2 Sun Directory Server Enterprise Edition version 7.0

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, via a crafted LDAP search request. This can be achieved by exploiting unspecified vulnerabilities in the ns-slapd and slapd.exe components.

Recommendations For Sun Directory Server Enterprise Edition versions 6.0 through 6.3.1, consider restricting access to the LDAP search functionality until a fix is available. For Sun Java System Directory Server version 5.2, avoid using the vulnerable ns-slapd and slapd.exe components in production environments until a patch is released. For Sun Directory Server Enterprise Edition version 7.0, as a temporary workaround, consider disabling the LDAP search functionality to minimize the risk of exploitation.