Lucene search

[email protected]CVE-2007-6742

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2007-6742

2022-10-0316:14:27

CWE-399

[email protected]

web.nvd.nist.gov

ibm

tivoli directory server

tds

cve-2007-6742

denial of service

nvd

6.2 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

49.8%

JSON

The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0006 does not properly perform certain sub filter parsing, which allows remote authenticated users to cause a denial of service (infinite loop) via a malformed search filter.

Affected configurations

NVD

Node

ibmtivoli_directory_serverMatch5.2.0

ibmtivoli_directory_serverMatch5.2.0.4

CPENameOperatorVersion
ibm:tivoli_directory_serveribm tivoli directory servereq5.2.0
ibm:tivoli_directory_serveribm tivoli directory servereq5.2.0.4

CPE	Name	Operator	Version
ibm:tivoli_directory_server	ibm tivoli directory server	eq	5.2.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	5.2.0.4

References

www.ibm.com/support/docview.wss?uid=swg1IO07450

www.ibm.com/support/docview.wss?uid=swg24029663

6.2 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for CVE-2007-6742

nvd1 cvelist1 prion1