CVE-2008-1995

Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
sunjava_system_directory_server
6.0
sunjava_system_directory_server
6.1
sunjava_system_directory_server
6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29978
http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1
http://www.securityfocus.com/bid/28941
http://www.securitytracker.com/id?1019925
http://www.vupen.com/english/advisories/2008/1374/references
http://secunia.com/advisories/29978
http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1
http://www.securityfocus.com/bid/28941
http://www.securitytracker.com/id?1019925
http://www.vupen.com/english/advisories/2008/1374/references