Vulnerability Description
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Java Enterprise System | 2003q4 |
| Sun | Java System Directory Server | 5.2 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/25048Vendor Advisory
- http://securitytracker.com/id?1016294
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1
- http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html
- http://www.securityfocus.com/bid/18604
- http://www.securityfocus.com/bid/20846
- http://www.vupen.com/english/advisories/2007/1573Vendor Advisory
- http://secunia.com/advisories/25048Vendor Advisory
- http://securitytracker.com/id?1016294
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1
- http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html
- http://www.securityfocus.com/bid/18604
- http://www.securityfocus.com/bid/20846
FAQ
What is CVE-2006-3127?
CVE-2006-3127 is a vulnerability with a CVSS score of 7.8 (HIGH). Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of serv...
How severe is CVE-2006-3127?
CVE-2006-3127 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-3127?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Java Enterprise System, Sun Java System Directory Server.