CVE-2009-2856

Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:sun:virtual_desktop_infrastructure:3.0:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:sun:virtual_desktop_infrastructure:3.0:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*

Information

Published : 2009-08-18 15:30

Updated : 2009-08-21 08:25


NVD link : CVE-2009-2856

Mitre link : CVE-2009-2856


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

sun

  • virtual_desktop_infrastructure
  • solaris