Lucene search

[email protected]CVE-2010-4217

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4217

2022-10-0316:21:06

CWE-399

[email protected]

web.nvd.nist.gov

ibm

tivoli

directory server

vulnerability

use-after-free

proxy server

remote attack

denial of service

ibm tivoli directory server

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.2%

JSON

Use-after-free vulnerability in the proxy server in IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 and 6.1.x before 6.1.0-TIV-ITDS-FP0005 allows remote attackers to cause a denial of service (daemon crash) via an unbind request that occurs during a certain search operation.

Affected configurations

NVD

Node

ibmtivoli_directory_serverMatch6.0.0.0

ibmtivoli_directory_serverMatch6.0.0.1

ibmtivoli_directory_serverMatch6.0.0.7

ibmtivoli_directory_serverMatch6.0.0.8

ibmtivoli_directory_serverMatch6.0.0.14

ibmtivoli_directory_serverMatch6.0.0.19

ibmtivoli_directory_serverMatch6.0.0.33

ibmtivoli_directory_serverMatch6.0.0.41

ibmtivoli_directory_serverMatch6.0.0.45

ibmtivoli_directory_serverMatch6.0.0.52

ibmtivoli_directory_serverMatch6.0.0.53

ibmtivoli_directory_serverMatch6.0.0.54

ibmtivoli_directory_serverMatch6.0.0.55

ibmtivoli_directory_serverMatch6.0.0.56

ibmtivoli_directory_serverMatch6.0.0.57

ibmtivoli_directory_serverMatch6.0.0.58

ibmtivoli_directory_serverMatch6.0.0.59

ibmtivoli_directory_serverMatch6.0.0.60

ibmtivoli_directory_serverMatch6.0.0.61

ibmtivoli_directory_serverMatch6.0.0.62

ibmtivoli_directory_serverMatch6.0.0.63

ibmtivoli_directory_serverMatch6.0.0.64

ibmtivoli_directory_serverMatch6.1.0.0

ibmtivoli_directory_serverMatch6.1.0.5

CPENameOperatorVersion
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.0
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.1
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.7
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.8
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.14
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.19
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.33
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.41
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.45
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.52

CPE	Name	Operator	Version
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.1
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.7
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.8
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.14
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.19
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.33
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.41
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.45
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.52

Rows per page:

1-10 of 241

References

secunia.com/advisories/42083

securitytracker.com/id?1024670

www-01.ibm.com/support/docview.wss?uid=swg1IO13282

www-01.ibm.com/support/docview.wss?uid=swg1IO13364

www.osvdb.org/68964

www.securityfocus.com/bid/44604

www.vupen.com/english/advisories/2010/2861

www.vupen.com/english/advisories/2010/2863

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.2%

JSON

Related for CVE-2010-4217

openvas2 cvelist1 prion1 nvd1