|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725
|
| |
Vulnerable Systems:
* Oracle Internet Directory for Windows version 10.1.4.0.1 with the April 2007 CPU installed
Internet Directory consists of two processes. One process acts as a listener. It handles incoming connections and passes them off to the second process. The second process, which handles requests, contains the vulnerability.
When processing a malformed LDAP request, it is possible to cause the handler to dereference a NULL pointer. This results in the process crashing. Future connection requests will be accepted by the listener process, and then immediately closed when it finds that there is no handler process running.
Analysis:
Exploitation of this vulnerability allows an attacker to deny service to legitimate users of the directory server. In order to exploit this issue, an attacker must be able to establish an LDAP session with the vulnerable server. This is typically done via TCP port 389 or the SSL-enabled TCP port 636. No authentication is needed. In order to restore functionality, the listener process must be stopped and restarted.
Vendor response:
Oracle Corp. has addressed this vulnerability with the release of their July 2008 Critical Patch Update. For more information, visit the following URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2008.html
CVE Information:
CVE-2008-2595
Disclosure timeline:
05/11/2007 - Initial vendor notification
05/11/2007 - Initial vendor response
07/15/2008 - Coordinated public disclosure
|
|
|
|
|
