Sun JRE Integer Wraparound Bug in InitialDirContext() Lets Remote Users Deny Service
Version(s): 1.4.2, 1.5.0
Description: A denial of service vulnerability was reported in Sun's Java Runtime Environment (JRE) in the processing of DNS lookups. A remote user can cause the target service to become unstable.
Kurt Huwig of iKu reported that there is an integer wraparound error in the InitialDirContext() function when performing DNS lookups. If a remote user can cause more than 32768 lookups, denial of service conditions may occur.
Impact: A remote user can cause the target service to become unstable.
Solution: No solution was available at the time of this entry.
Kerio Personal Firewall Unspecified Packet Processing Bug May Let Remote Users Deny Service
Version(s): prior to 4.1.2
Description: A vulnerability was reported in Kerio Personal Firewall. A remote user may be able to cause denial of service conditions.
The vendor reported that there is a packet processing flaw that can trigger 100% CPU utilization on the target system. No further details were provided.
Impact: A remote user may be able to cause excessive CPU utilization on the target system.
Solution: The vendor has issued a fixed version (4.1.2), available at: