CVE-2009-2856

Metadata

CVE-2009-2856
3.5
sunsolve.sun.com, sunsolve.sun.com, vupen.com
2009-08-18
2017-06-06 20:20

Description

Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.

Related Vulnerabilities