Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-0313

5 documents4 sources

Severity

5.0MEDIUM

EPSS

8.9%

top 7.45%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

SUN Java System Directory Server

Timeline

PublishedJan 14

Latest updateMay 2

Description

The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsun/java_system_directory_server7.0

🔴Vulnerability Details

GHSA

GHSA-pxhw-m5jj-mmp6: The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7↗2022-05-02

▶

CVEList

CVE-2010-0313: The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7↗2010-01-14

▶

💥Exploits & PoCs

Exploit-DB

PSOProxy 0.91 - Stack Buffer Overflow (Metasploit)↗2010-05-09

▶

Exploit-DB

Sun Java System Directory Server 7.0 - 'core_get_proxyauth_dn' Denial of Service↗2010-01-10

▶