Ian A Finlay

**Name of the Vulnerable Software and Affected Versions** Sun ONE Directory Server versions 4.16 through 5.1 **Description** The issue allows LDAP clients to cause a denial of service, resulting in the service halting. **Recommendations** For Sun ONE Directory Server versions 4.16 through 5.1, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.12 and earlier Description: The issue is related to a problem in the DCERPC (DCE/RPC) dissector, allowing remote attackers to cause a denial of service by consuming memory via a certain NDR string. Recommendations: For Ethereal versions 0.9.12 and earlier, consider updating to a version that is not affected by this issue, as no specific fix is provided for these versions.

Name of the Vulnerable Software and Affected Versions: Mac OS X versions prior to 10.2.6 Description: The issue is related to IPSec in Mac OS X, which does not properly handle certain incoming security policies that match by port. This could allow traffic that is not explicitly allowed by the policies. Recommendations: For Mac OS X versions prior to 10.2.6, update to version 10.2.6 or later to resolve the issue.