Lucene search

[email protected]CVE-2005-3567

HistoryNov 16, 2005 - 7:42 a.m.

CVE-2005-3567

2005-11-1607:42:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2005-3567

slapd

ibm tivoli directory server

itds

authentication bypass

data modification

nvd

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.5%

JSON

slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors.

Affected configurations

NVD

Node

ibmtivoli_directory_serverMatch5.2.0

ibmtivoli_directory_serverMatch6.0

CPENameOperatorVersion
ibm:tivoli_directory_serveribm tivoli directory servereq5.2.0
ibm:tivoli_directory_serveribm tivoli directory servereq6.0

CPE	Name	Operator	Version
ibm:tivoli_directory_server	ibm tivoli directory server	eq	5.2.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0

References

secunia.com/advisories/17484

securitytracker.com/id?1015171

www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24010819&loc=en_US&cs=UTF-8&lang=en

www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247

www-1.ibm.com/support/docview.wss?uid=swg21222159

www-1.ibm.com/support/search.wss?rs=0&q=IO02697&apar=only

www-1.ibm.com/support/search.wss?rs=0&q=IO02714&apar=only

www.kb.cert.org/vuls/id/194753

www.osvdb.org/20672

www.securityfocus.com/bid/15367

www.vupen.com/english/advisories/2005/2356

exchange.xforce.ibmcloud.com/vulnerabilities/22989

5.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.5%

JSON

Related for CVE-2005-3567

nvd2 cvelist1 cve1