PT-2005-4081 · Red Hat+1 · Red Hat Directory Server+4

Peter Winter-Smith · Published 2005-10-20 · Updated 2017-07-11 · CVE-2005-3269

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Sun Java System Directory Server versions 5.2 2003Q4 through 5.2 2005Q1
Red Hat Directory Server (affected versions not specified)
Certificate Server versions prior to 7.1 SP1
Sun ONE Directory Server versions 5.1 SP4 and earlier
Sun ONE Administration Server version 5.2

Description

The issue is a stack-based buffer overflow in the help.cgi component of the HTTP administrative interface. This can be exploited by remote attackers to cause a denial of service, resulting in the admin server crashing. Local users can also exploit this issue to gain root privileges.

Recommendations

For Sun Java System Directory Server versions 5.2 2003Q4 through 5.2 2005Q1, update to a version later than 5.2 2005Q1.
For Red Hat Directory Server, contact the vendor for a fix.
For Certificate Server versions prior to 7.1 SP1, update to version 7.1 SP1 or later.
For Sun ONE Directory Server versions 5.1 SP4 and earlier, update to a version later than 5.1 SP4.
For Sun ONE Administration Server version 5.2, update to a version later than 5.2.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2005-3269

Affected Products

Certificate Server
Red Hat Directory Server
Sun Java System Directory Server
Sun One Administration Server
Sun One Directory Server