CVE-2005-3269

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=112862037500012&w=2
http://marc.info/?l=bugtraq&m=113815459026080&w=2
http://secunia.com/advisories/17092	Vendor Advisory
http://secunia.com/advisories/18590	Vendor Advisory
http://securityreason.com/securityalert/367
http://securityreason.com/securityalert/51
http://securitytracker.com/id?1015014
http://securitytracker.com/id?1015536
http://securitytracker.com/id?1015537
http://securitytracker.com/id?1015538
http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1	Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1
http://www.securityfocus.com/bid/15013
http://www.securityfocus.com/bid/16345
http://www.vupen.com/english/advisories/2005/1988	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24311
http://marc.info/?l=bugtraq&m=112862037500012&w=2
http://marc.info/?l=bugtraq&m=113815459026080&w=2
http://secunia.com/advisories/17092	Vendor Advisory
http://secunia.com/advisories/18590	Vendor Advisory
http://securityreason.com/securityalert/367
http://securityreason.com/securityalert/51
http://securitytracker.com/id?1015014
http://securitytracker.com/id?1015536
http://securitytracker.com/id?1015537
http://securitytracker.com/id?1015538
http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1	Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1
http://www.securityfocus.com/bid/15013
http://www.securityfocus.com/bid/16345
http://www.vupen.com/english/advisories/2005/1988	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24311

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2003q4::::::
	cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2004q2::::::
	cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2005q1::::::
	cpe:2.3:a:sun:java_system_directory_server:5.2:::::::*
	cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4::::::
	cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2::::::
	cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1::::::
	cpe:2.3:a:sun:one_administration_server:5.2:::::::*
	cpe:2.3:a:sun:one_directory_server:4.16:::::::*
	cpe:2.3:a:sun:one_directory_server:4.16:sp1::::::
	cpe:2.3:a:sun:one_directory_server:5.0:::::::*
	cpe:2.3:a:sun:one_directory_server:5.0:sp1::::::
	cpe:2.3:a:sun:one_directory_server:5.0_sp2:::::::*
	cpe:2.3:a:sun:one_directory_server:5.1:::::::*
	cpe:2.3:a:sun:one_directory_server:5.1::x86:::::
	cpe:2.3:a:sun:one_directory_server:5.1:sp1::::::
	cpe:2.3:a:sun:one_directory_server:5.1:sp2::::::
	cpe:2.3:a:sun:one_directory_server:5.1:sp3::::::
	cpe:2.3:a:sun:one_directory_server:5.1:sp3:x86:::::*
	cpe:2.3:a:sun:one_directory_server:5.1:sp4::::::

History

21 Nov 2024, 00:01

Information

Published : 2005-10-20 23:02

Updated : 2025-04-03 01:03

NVD link : CVE-2005-3269

Mitre link : CVE-2005-3269

CVE.ORG link : CVE-2005-3269

JSON object : View

Products Affected

sun

one_directory_server
java_system_directory_server
one_administration_server
java_system_directory_proxy_server

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2005-3269", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-10-20T23:02:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=112862037500012&w=2", "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=113815459026080&w=2", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/17092", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/18590", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://securityreason.com/securityalert/367", "source": "secalert@redhat.com"}, {"url": "http://securityreason.com/securityalert/51", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1015014", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1015536", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1015537", "source": "secalert@redhat.com"}, {"url": "http://securitytracker.com/id?1015538", "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1", "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/15013", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/16345", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2005/1988", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311", "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=112862037500012&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=113815459026080&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/17092", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18590", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/367", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/51", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015014", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015536", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015537", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015538", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/15013", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/16345", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2005/1988", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2003q4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8A63139-DAC4-4748-8A20-18FE72C6E93A"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2004q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCF5317C-051B-4906-8438-DEA07EE4D757"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2005q1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FCAD34C-19EB-429A-A41D-0DC1F0999154"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE6D70A5-A2AE-4142-86C7-A3D15C155801"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F64D5A0-9BED-497F-9C90-B4F404A699A5"}, {"criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C4F9948-4A6A-4C68-8CDA-AF34ACA12D5F"}, {"criteria": "cpe:2.3:a:sun:one_administration_server:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A099D284-A1C4-474D-ABF9-84DEC377D18B"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F3F2846-7A02-42A4-AE19-FCE28706FA9A"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:4.16:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA43DD25-AACA-4F63-A8E5-0CAA58C27BBA"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80BB5338-F78C-4140-8F60-8BB0F9ADDF7C"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F94220C9-8EFC-4491-A530-033EF32AEAEC"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.0_sp2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A548BEA7-2592-49F0-BEE8-B077AFF7F8F4"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EBB854A-6951-4CA7-87BB-919B56F88ECB"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:x86:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67D5A7FC-7F6B-461D-AD96-3A42036A91D1"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F12275A-86ED-4CB9-9849-BA3D3BF21A0C"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30214F09-1DD9-4A04-AE86-F5FCC006BD92"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8589402C-4E79-4615-A00B-F83B0508F6AF"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp3:x86:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ED2C81F-7B2E-4FC5-A521-BE156F00B5CF"}, {"criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E773228-F889-48A4-98DC-44BB5E746CC4"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

7.5 /10