Vulnerability reported in Java System Directory Server
Vulnerability has been reported in Sun's Java System Directory Server by iDefense which can cause crash in a DoS attack. Due to this loophole hackers can even inject and execute malicious code. The security vulnerability is due to Directory server error which cannot handle certain types of failed queries in a proper manner and the attacker may cause vulnerable server to call the free function on a un initialized memory address while handling special request leading to denial of service. The threat is of moderate risk and can be remotely exploited.
Sun ONE Directory Server versions 5.x and Sun Java System Directory versions 5.x have been affected by this security threat. As of now the patch is not ready and in case the service crashes one should simply re launch it.