CVE-2009-4442

Name of the Vulnerable Software and Affected Versions Sun Java System Directory Server Enterprise Edition versions 6.0 through 6.3.1

Description The issue is related to the Directory Proxy Server (DPS) not properly implementing the max-client-connections configuration setting. This allows remote attackers to cause a denial of service by making multiple connections and performing no operations on these connections.

Recommendations For Sun Java System Directory Server Enterprise Edition versions 6.0 through 6.3.1, consider restricting the number of client connections to prevent connection slot exhaustion until a proper fix is applied. As a temporary workaround, limit the number of concurrent connections to the Directory Proxy Server to minimize the risk of exploitation.