{ "id": "CVE-2005-3269", "sourceIdentifier": "secalert@redhat.com", "published": "2005-10-20T23:02:00.000", "lastModified": "2017-07-11T01:33:08.610", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-119" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2003q4:*:*:*:*:*:*", "matchCriteriaId": "F8A63139-DAC4-4748-8A20-18FE72C6E93A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2004q2:*:*:*:*:*:*", "matchCriteriaId": "DCF5317C-051B-4906-8438-DEA07EE4D757" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2005q1:*:*:*:*:*:*", "matchCriteriaId": "2FCAD34C-19EB-429A-A41D-0DC1F0999154" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4:*:*:*:*:*:*", "matchCriteriaId": "BE6D70A5-A2AE-4142-86C7-A3D15C155801" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2:*:*:*:*:*:*", "matchCriteriaId": "5F64D5A0-9BED-497F-9C90-B4F404A699A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*", "matchCriteriaId": "1C4F9948-4A6A-4C68-8CDA-AF34ACA12D5F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_administration_server:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A099D284-A1C4-474D-ABF9-84DEC377D18B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:4.16:*:*:*:*:*:*:*", "matchCriteriaId": "9F3F2846-7A02-42A4-AE19-FCE28706FA9A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:4.16:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA43DD25-AACA-4F63-A8E5-0CAA58C27BBA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "80BB5338-F78C-4140-8F60-8BB0F9ADDF7C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "F94220C9-8EFC-4491-A530-033EF32AEAEC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.0_sp2:*:*:*:*:*:*:*", "matchCriteriaId": "A548BEA7-2592-49F0-BEE8-B077AFF7F8F4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8EBB854A-6951-4CA7-87BB-919B56F88ECB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:x86:*:*:*:*:*", "matchCriteriaId": "67D5A7FC-7F6B-461D-AD96-3A42036A91D1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "3F12275A-86ED-4CB9-9849-BA3D3BF21A0C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "30214F09-1DD9-4A04-AE86-F5FCC006BD92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "8589402C-4E79-4615-A00B-F83B0508F6AF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp3:x86:*:*:*:*:*", "matchCriteriaId": "7ED2C81F-7B2E-4FC5-A521-BE156F00B5CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "4E773228-F889-48A4-98DC-44BB5E746CC4" } ] } ] } ], "references": [ { "url": "http://marc.info/?l=bugtraq&m=112862037500012&w=2", "source": "secalert@redhat.com" }, { "url": "http://marc.info/?l=bugtraq&m=113815459026080&w=2", "source": "secalert@redhat.com" }, { "url": "http://securityreason.com/securityalert/367", "source": "secalert@redhat.com" }, { "url": "http://securityreason.com/securityalert/51", "source": "secalert@redhat.com" }, { "url": "http://securitytracker.com/id?1015014", "source": "secalert@redhat.com" }, { "url": "http://securitytracker.com/id?1015536", "source": "secalert@redhat.com" }, { "url": "http://securitytracker.com/id?1015537", "source": "secalert@redhat.com" }, { "url": "http://securitytracker.com/id?1015538", "source": "secalert@redhat.com" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1", "source": "secalert@redhat.com", "tags": [ "Patch" ] }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1", "source": "secalert@redhat.com" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/bid/15013", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/bid/16345", "source": "secalert@redhat.com" }, { "url": "http://www.vupen.com/english/advisories/2005/1988", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311", "source": "secalert@redhat.com" } ] }