exploitDog

CVE-2009-4442

Опубликовано: 28 дек. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*

cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*

cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*

cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*

cpe:2.3:a:sun:java_system_directory_server:6.3.1:enterprise:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01331

Низкий

5 Medium

CVSS2

Дефекты

CWE-16

Связанные уязвимости

GHSA-92g7-p9j3-942v

github

почти 4 года назад

Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.

EPSS

Процентиль: 80%

0.01331

Низкий

5 Medium

CVSS2

Дефекты

CWE-16