CVE-2005-3269 Information

Description

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4 2004Q2 and 2005Q1 (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1 (4) Sun ONE Directory Server 5.1 SP4 and earlier and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash) or local users to gain root privileges.

Reference

http://marc.info/?l=bugtraq&m=112862037500012&w=2 http://marc.info/?l=bugtraq&m=113815459026080&w=2 http://secunia.com/advisories/17092 http://secunia.com/advisories/18590 http://securityreason.com/securityalert/367 http://securityreason.com/securityalert/51 http://securitytracker.com/id?1015014 http://securitytracker.com/id?1015536 http://securitytracker.com/id?1015537 http://securitytracker.com/id?1015538 http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1 http://www.securityfocus.com/bid/15013 http://www.securityfocus.com/bid/16345 http://www.vupen.com/english/advisories/2005/1988 https://exchange.xforce.ibmcloud.com/vulnerabilities/24311