[VIM] ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability

security curmudgeon jericho at attrition.org
Sat Apr 17 09:39:41 UTC 2010


And follow-up:

: ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-10-073
: CVE-2010-0897

A third advisory associated with the same CVE.

Thanks,

Brian


On Sat, 17 Apr 2010, security curmudgeon wrote:

: 
: Hi ZDI,
: 
: : ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
: : http://www.zerodayinitiative.com/advisories/ZDI-10-074
: : CVE-2010-0897
: 
: : ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
: : http://www.zerodayinitiative.com/advisories/ZDI-10-075
: : CVE-2010-0897
: 
: Can you confirm these should have the same CVE? The CVE is currently vague 
: but specifies "Directory Service Markup Language" suggesting 075 is 
: correct, but the CVE associated with 074 is incorrect.
: 
: Brian
: OSVDB.org
: 


More information about the VIM mailing list