{"vuid":"VU#195644","idnumber":"195644","name":"Sun ONE Directory Server \"ns-ldapd\" can be terminated by unprivileged user","keywords":["Sun","ONE Directory Server","LDAP","ns-ldap","unprivileged user","DoS","denial of service"],"overview":"A denial-of-service vulnerability exists in the Sun ONE Directory Server. This vulnerability may allow a remote attacker to effectively terminate directory services on the affected host.","clean_desc":"Sun describes the Sun ONE Directory Server as\na software product that provides a central repository for storing and managing identity profiles, access privileges and application and network resource information. Information stored in the Sun ONE Directory Server can be used for the authentication and authorization of users to enable secure access to enterprise and Internet services and applications. A vulnerability exists in ns-ldapd (a directory service process). For more information, please see Sun Alert 52102.","impact":"This vulnerability may allow a remote attacker to effectively terminate directory services on the affected host.","resolution":"Apply a patch.","workarounds":"","sysaffected":"","thanks":"The CERT/CC thanks Sun Microsystems for publishing information upon which this document is based.","author":"This document was written by Ian A Finlay.","public":["http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F52102&zone_32=category%3Asecurity","http://wwws.sun.com/software/products/directory_srvr/home_directory.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-05-02T13:25:47Z","publicdate":"2003-04-30T00:00:00Z","datefirstpublished":"2003-05-02T17:07:29Z","dateupdated":"2003-05-07T12:33:05Z","revision":6,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"3","cam_easeofexploitation":"10","cam_attackeraccessrequired":"15","cam_scorecurrent":"3.1640625","cam_scorecurrentwidelyknown":"3.796875","cam_scorecurrentwidelyknownexploited":"6.328125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":3.1640625,"vulnote":null}